Exchange 2016

Managing Inbound Email – Strategies to focus on the important stuff

Do you find that you’re missing emails or you don’t see them until much later? I often get questions on ways to better manage emails to focus on critical ones. You probably get hundreds or maybe even thousands of emails a day, intermingled with solicitations, spam and legitimate emails you need to act on. Many email clients have the capability of creating rules and effectively creating rules will allow you to be notified of the important ones while reviewing the non-important later.

The primary goal of your rules is to allow all the critical/important emails to go into your Inbox while the non-important emails go to sub-folders to review later, whether it be once a day, once a week or never. By doing this, email on your phone or tablet will also show, at a glance, those important emails.

Don’t create a folders for departments or people.

Often times I see 50 different folders with co-workers names or various departments with the thought that they can easily find emails all from a person or from a department. When using this approach, you need to constantly check each email folder for a new email, even with the unread badge count next to the folder. You will quickly learn you’re not responding to or managing emails effectively. Leverage the built in search or column sort feature of your email client to get all the emails together to easily find the one you’re looking for.

Don’t use the setting “Mark As Read” or other client side rules.

You may be tempted to use the Mark As Read option in the rule set but this is a client side rule, meaning the rule will only run when the email client (Outlook) is open. If your computer is off or your email client is closed, the rule will not process until you open the email client. If you don’t receive email on a phone or tablet, this likely won’t have a big impact on you.

Do create folders for “notification” emails.

Email clients are extremely flexible to allow a very specific set of criteria for Sender, Recipient, Subject, Message and Message Header (the message header is information about the email such as where it came from, who it was for, what mail server it went through, etc).

You can create a rule to say any email from [email protected] to go to a folder. Let’s say you receive important emails from this email address but also a lot of notice emails. Do the notices all have a certain keyword in the subject or message body? Pretend the subject line has the word “Alert” in it. You can add a second criteria to your rule to say emails from [email protected] and subject contains “Alert”. This means that the email must come from that email address and anywhere in the subject line have the word “Alert”.

To take this one step further, let’s imagine that you want emails from [email protected] with the word “Warning” in the subject line to stay in your inbox and not hit this rule, and the subject line has the word “Alert” in it as well. By using the exception portion of a rule, you can create the rule to say

From Sender: [email protected]
Subject Contains: Alert
Subject Contains: Warning

Create a rule to look for the word “unsubscribe” in the email body and redirect it to a folder.

Most marketing and solicitation emails have to contain a method for the user to be able to easily remove themselves from a mailing list. This is the CAN-SPAM law enforced Federal Trade Commission (FTC).

Keep in mind that if a co-worker receives an email that contains the word “unsubscribe” and forward it to you to review, this rule will also catch it. You may want to also add an Exception to this rule to look for message headers that contain your email domain name.

Continually monitor the folders that your rules are putting emails into to be sure they are setup correctly. Adjust them as necessary by adding additional clarifying criteria or exceptions.

Managing Inbound Email – Strategies to focus on the important stuff Read More »

Email Phishing Mitigation Technique

Phishing and credential leaks have always been difficuilt to block with technology that’s currently available. Relying on email spam filters might reduce the volume to a point but are likely noticing some still come through. While all of the mitigation techniques you have will offer protection, user education and simulated phishing emails are extremely important too.

One mitigation technique is to create a rule and route emails for approval coming from the outside your domain that contain attachments with the following file extensions .html, .htm, .aspx, .asp, .shtml, .zip and .one. As you monitor the emails to approve you can add exceptions to your rule. Some secure email systems, like Cisco, send a html attachment for to view the secure email.

Phishers are getting creative and they often embed your domain name in the link of the URL so when the unsuspecting employee clicks on it, it will show your domain name on the web site. This way they can send a mass phishing campaign and don’t need to change their code. You can create a rule and route emails for approval from outside your domain that contain your domain name within the href tag of the link. Add the rule that matches the pattern in the message subject or body to be: <a [^>]*\bhref\s*=\s*”[^”]*YOURDOMAINNAME.*?<\/a>

Have other suggestions, leave a comment!

Email Phishing Mitigation Technique Read More »

Outlook Prompting Password using Mapi

I’ve spent hours trying to figure out why an Outlook client kept prompting for a password when I moved the users mailbox to Exchange 2016. After hours of the normal troubleshooting I found that it did not prompt for the password when cached mode was off. After having the user connect to another machine for testing and comparing the Connection Status (Shit + right click Outlook icon in systray) I found that it wasn’t making a second connection to the Exchange Directory.

I closed Outlook, went to C:\users\username\appdata\microsoft\outlook and deleted the offlineaddressbook folder and re-opened Outlook. Whola it worked again!

Outlook Prompting Password using Mapi Read More »